Haystack
← Back to Jobs
Full time
Other

Cyber, Risk and Compliance (GRC) Senior Consultant

Energy & Fertilisers LimitedPerth, Perth🇦🇺AustraliaPosted 18 Jul 2026

Quick Overview

Work Type
Hybrid
Schedule
Full Time
Level
Mid Senior

Job Description

Cyber Governance, Risk and Compliance (GRC) Specialist

Location: Perth, WA, AU, 6000

About the Role

As a Cyber Governance, Risk and Compliance (GRC) Specialist, you will play a key role in strengthening WesCEF's cyber resilience by assessing the effectiveness of security controls across IT, OT, cloud and third party environments. Your expertise will identify control gaps, evaluate business impacts and provide practical, risk based recommendations that reduce risk and support business continuity.

Key Responsibilities
  • Assess the effectiveness of cyber security controls across IT and OT environments.
  • Identify cyber risks, control gaps and remediation actions through reviews of technology, projects and third party services.
  • Translate technical security issues into clear business risks and actionable recommendations.
  • Provide independent challenge and advice on control effectiveness, risk treatment and remediation priorities.
  • Partner with technology and business teams to embed security by design and improve cyber risk outcomes.
  • Conduct third party cyber risk assessments and support risk based remediation activities.
  • Maintain cyber risk registers, treatment plans and reporting to support informed decision making.
  • Support assurance, audit and compliance activities by validating the implementation and effectiveness of security controls.
About You
  • Qualifications: Tertiary degree in IT, Computer Science or a related field with demonstrated relevant experience.
  • Industry certification such as CISSP, CISM, CRISC, SABSA, Azure/AWS security certifications, GIAC or ISO 27001 Lead Implementer/Auditor.
  • Knowledge of cyber security frameworks and principles including NIST CSF, ISO 27001, IEC 62443, and Zero Trust.
  • Experience reviewing cyber security controls across IT, OT, cloud, identity, network, endpoint, vulnerability management and monitoring environments.
  • A risk based mindset that links technical vulnerabilities and control gaps to business impact.
  • Experience assessing third party, supplier or service provider cyber risk.
  • Excellent stakeholder engagement and communication skills.
  • Confidence to challenge assumptions and drive better security outcomes.
  • Resilient and adaptable approach to influence a complex environment.
What we offer
  • Competitive remuneration including access to the Wesfarmers employee share plan and annual incentive plan.
  • Flexible working arrangements including work from home options where applicable.
  • Salary sacrifice opportunities, including novated leasing.
  • Access to a wide range of employee benefits across the Wesfarmers Group.
  • Paid parental leave of up to 18 weeks.
  • Ongoing professional development and career opportunities across WesCEF and the broader Wesfarmers Group.
Why We're Proud

We welcome applications from people of all backgrounds and encourage Aboriginal and Torres Strait Islander peoples to apply. WesCEF is committed to building an inclusive workforce that reflects the communities in which we operate.

Applications close: AWST 5pm, 30th July 2026.

This position is applicable to applicants with valid Australian Work Rights.

Skills

AWS
Azure
Compliance
Zero Trust

Similar jobs